Re: [SECURITY] [DSA 3464-1] rails security update

To: "debian-security@lists.debian.org" <debian-security@lists.debian.org>
Subject: Re: [SECURITY] [DSA 3464-1] rails security update
From: Trond Kringstad <Trond@kringstad.net>
Date: Sun, 31 Jan 2016 18:51:25 +0000
Message-id: <[🔎] 336F14FB-31F6-4BDB-A82E-1222E9E92E08@kringstad.net>
In-reply-to: <20160131184351.GA4814@pisco.westfalen.local>
References: <20160131184351.GA4814@pisco.westfalen.local>

Please unsubscribe me ...

Regards,

Trond Kringstad
trond@kringstad.net







On 31/01/16 19:43, "Moritz Muehlenhoff" <jmm@debian.org> wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA256
>
>- -------------------------------------------------------------------------
>Debian Security Advisory DSA-3464-1                   security@debian.org
>https://www.debian.org/security/                       Moritz Muehlenhoff
>January 31, 2016                      https://www.debian.org/security/faq
>- -------------------------------------------------------------------------
>
>Package        : rails
>CVE ID         : CVE-2015-3226 CVE-2015-3227 CVE-2015-7576 CVE-2015-7577 
>                 CVE-2015-7581 CVE-2016-0751 CVE-2016-0752 CVE-2016-0753
>
>Multiple security issues have been discovered in the Rails on Rails web
>application development framework, which may result in denial of service,
>cross-site scripting, information disclosure or bypass of input
>validation.
>
>For the stable distribution (jessie), these problems have been fixed in
>version 2:4.1.8-1+deb8u1.
>
>For the unstable distribution (sid), these problems have been fixed in
>version 2:4.2.5.1-1.
>
>We recommend that you upgrade your rails packages.
>
>Further information about Debian Security Advisories, how to apply
>these updates to your system and frequently asked questions can be
>found at: https://www.debian.org/security/
>
>Mailing list: debian-security-announce@lists.debian.org
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v2
>
>iQIcBAEBCAAGBQJWrlW7AAoJEBDCk7bDfE429bsQAJbxqXoQMEjnr8jd1I6zfWlF
>0rn734+1IKDIPmtRa7bXVqm/WGIRc6hzLq2xfeWsFD7eH2yxNAEEFELGye8SaAMW
>Z6rdXudmXDsRv/H7uKcWPftqL2rJZO4/CJRbOW5cTmSKMgMBcTYxE9zAxaHzEH9D
>JJ3zjipJbncsCscyEcAFXt0nktMzKpQPnAgQ9nwSo6k9U2LLPBx8LNpokjIPH6SU
>0p9uxc9q3ct0O9kEWCU6JDUGgSjaSbLE21buT5QRqkqUtdp5ZW0u6qTH8fT2es7H
>e4EYZTJLLxw65qSmvFjoxFPRZbP2mv5wz+6zEq3Dn2zILlbyQZ/07Cgt8O935535
>LMwGx9lXLHoH8RlyWQ9xkip2s5ltPJltRRWvVjA5CL1m/NQefnpi82VmTXgwnCxh
>uce0rktFdxKuKIvIm5bX98Eyh/2RfQ0apd6UxpJG/8OmLdHGWeCGG5CBvLw+FEVB
>+S17dr1+Gsg0U2ac1jcd5kDbn9eUR+8D6CIzPdpQHSrEaNezsb3KyOn1k8Dde9a/
>SyMQhpBt1Ua9Fl2tJAJHIu4t1nsBlhKw6XYND6ER4vKjYK5l12VUbEvn1ZLqapSn
>/0CcT2An7UKqZR23LefxckVF1iAPnjuliTO2VL5rGdYxE7xm9GZh5ME8jxqw8EWC
>+s3gAMfwSdOGdT8+0g1s
>=Pmrh
>-----END PGP SIGNATURE-----
>

Reply to:

Prev by Date: Re: [SECURITY] [DSA 3461-1] freetype security update
Previous by thread: Re: [SECURITY] [DSA 3461-1] freetype security update
Index(es):
- Date
- Thread